sources from main repository

This commit is contained in:
Guenter Obiltschnig
2006-12-22 10:06:10 +00:00
parent 851bd49554
commit 5dc1336af8
103 changed files with 11293 additions and 0 deletions

View File

@@ -0,0 +1,81 @@
//
// AcceptCertificateHandler.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/AcceptCertificateHandler.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: AcceptCertificateHandler
//
// Definition of the AcceptCertificateHandler class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_AcceptCertificateHandler_INCLUDED
#define NetSSL_AcceptCertificateHandler_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/InvalidCertificateHandler.h"
namespace Poco {
namespace Net {
class NetSSL_API AcceptCertificateHandler: public InvalidCertificateHandler
/// A AcceptCertificateHandler is invoked whenever an error
/// occurs verifying the certificate. It always accepts
/// the certificate. Only use this one during testing!
{
public:
AcceptCertificateHandler(bool handleErrorsOnServerSide);
/// Creates the AcceptCertificateHandler
virtual ~AcceptCertificateHandler();
/// Destroys the AcceptCertificateHandler.
void onInvalidCertificate(const void* pSender, VerificationErrorArgs& errorCert);
/// Receives the questionable certificate in parameter errorCert. If one wants to accept the
/// certificate, call errorCert.setIgnoreError(true).
};
//
// inlines
//
inline void AcceptCertificateHandler::onInvalidCertificate(const void*, VerificationErrorArgs& errorCert)
{
errorCert.setIgnoreError(true);
}
} } // namespace Poco::Net
#endif // NetSSL_AcceptCertificateHandler_INCLUDED

View File

@@ -0,0 +1,103 @@
//
// CertificateHandlerFactory.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/CertificateHandlerFactory.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: CertificateHandlerFactory
//
// Definition of the CertificateHandlerFactory class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_CertificateHandlerFactory_INCLUDED
#define NetSSL_CertificateHandlerFactory_INCLUDED
#include "Poco/Net/NetSSL.h"
namespace Poco {
namespace Net {
class InvalidCertificateHandler;
class NetSSL_API CertificateHandlerFactory
/// A CertificateHandlerFactory is responsible for creating InvalidCertificateHandlers.
/// You don't need to access this class directly. Use the macro
/// POCO_REGISTER_CHFACTORY(namespace, InvalidCertificateHandlerName)
/// instead (see the documentation of InvalidCertificateHandler for an example).
{
public:
CertificateHandlerFactory();
/// Creates the CertificateHandlerFactory.
virtual ~CertificateHandlerFactory();
/// Destroys the CertificateHandlerFactory.
virtual InvalidCertificateHandler* create(bool server) const = 0;
/// Creates a new InvalidCertificateHandler. Set server to true if the certificate handler is used on the server side.
};
class NetSSL_API CertificateHandlerFactoryRegistrar
/// Registrar class which automatically registers CertificateHandlerFactory at the CertificateHandlerFactoryMgr.
/// You don't need to access this class directly. Use the macro
/// POCO_REGISTER_CHFACTORY(namespace, InvalidCertificateHandlerName)
/// instead (see the documentation of InvalidCertificateHandler for an example).
{
public:
CertificateHandlerFactoryRegistrar(const std::string& name, CertificateHandlerFactory* pFactory);
/// Registers the CertificateHandlerFactory with the given name at the factory manager.
virtual ~CertificateHandlerFactoryRegistrar();
/// Destroys the CertificateHandlerFactoryRegistrar.
};
#define POCO_REGISTER_CHFACTORY(API, PKCLS) \
class API PKCLS##Factory: public Poco::Net::CertificateHandlerFactory \
{ \
public: \
PKCLS##Factory(){} \
~PKCLS##Factory(){} \
Poco::Net::InvalidCertificateHandler* create(bool server) const \
{ \
return new PKCLS(server); \
} \
}; \
static Poco::Net::CertificateHandlerFactoryRegistrar aRegistrar(std::string(#PKCLS), new PKCLS##Factory());
} } // namespace Poco::Net
#endif // NetSSL_CertificateHandlerFactory_INCLUDED

View File

@@ -0,0 +1,86 @@
//
// CertificateHandlerFactoryMgr.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/CertificateHandlerFactoryMgr.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: CertificateHandlerFactoryMgr
//
// Definition of the CertificateHandlerFactoryMgr class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_CertificateHandlerFactoryMgr_INCLUDED
#define NetSSL_CertificateHandlerFactoryMgr_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/CertificateHandlerFactory.h"
#include "Poco/SharedPtr.h"
#include <map>
namespace Poco {
namespace Net {
class NetSSL_API CertificateHandlerFactoryMgr
/// A CertificateHandlerFactoryMgr manages all existing CertificateHandlerFactories.
{
public:
typedef std::map<std::string, Poco::SharedPtr<CertificateHandlerFactory> > FactoriesMap;
CertificateHandlerFactoryMgr();
/// Creates the CertificateHandlerFactoryMgr.
~CertificateHandlerFactoryMgr();
/// Destroys the CertificateHandlerFactoryMgr.
void setFactory(const std::string& name, CertificateHandlerFactory* pFactory);
/// Registers the factory. Class takes ownership of the pointer.
/// If a factory with the same name already exists, an exception is thrown.
bool hasFactory(const std::string& name) const;
/// Returns true if for the given name a factory is already registered
const CertificateHandlerFactory* getFactory(const std::string& name) const;
/// Returns NULL if for the given name a factory does not exist, otherwise the factory is returned
void removeFactory(const std::string& name);
/// Removes the factory from the manager.
private:
FactoriesMap _factories;
};
} } // namespace Poco::Net
#endif // NetSSL_CertificateHandlerFactoryMgr_INCLUDED

View File

@@ -0,0 +1,71 @@
//
// ConsoleCertificateHandler.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/ConsoleCertificateHandler.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: ConsoleCertificateHandler
//
// Definition of the ConsoleCertificateHandler class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_ConsoleCertificateHandler_INCLUDED
#define NetSSL_ConsoleCertificateHandler_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/InvalidCertificateHandler.h"
namespace Poco {
namespace Net {
class NetSSL_API ConsoleCertificateHandler: public InvalidCertificateHandler
/// A ConsoleCertificateHandler is invoked whenever an error occurs verifying the certificate.
/// The certificate is printed to stdout and the user is asked via console if he wants to accept it.
{
public:
ConsoleCertificateHandler(bool handleErrorsOnServerSide);
/// Creates the ConsoleCertificateHandler.
virtual ~ConsoleCertificateHandler();
/// Destroys the ConsoleCertificateHandler.
void onInvalidCertificate(const void* pSender, VerificationErrorArgs& errorCert);
/// Prints the certificate to stdout and waits for user input on the console
/// to decide if a certificate should be accepted/rejected.
};
} } // namespace Poco::Net
#endif // NetSSL_ConsoleCertificateHandler_INCLUDED

View File

@@ -0,0 +1,119 @@
//
// Context.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/Context.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: Context
//
// Definition of the Context class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_Context_INCLUDED
#define NetSSL_Context_INCLUDED
#include "Poco/Net/NetSSL.h"
#include <openssl/ssl.h>
namespace Poco {
namespace Net {
class NetSSL_API Context
/// This class encapsulates an SSL Context.
{
public:
enum VerificationMode
{
VERIFY_NONE = SSL_VERIFY_NONE,
VERIFY_RELAXED = SSL_VERIFY_PEER,
VERIFY_STRICT = SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
VERIFY_ONCE = SSL_VERIFY_CLIENT_ONCE
};
Context(const std::string& privateKeyFile,
const std::string& caLocation,
bool isServerContext,
VerificationMode verMode = VERIFY_STRICT,
int verificationDepth = 9,
bool loadCAFromDefaultPath = false,
const std::string& cypherList = "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
/// Creates a context.
/// privateKeyFile contains the key used for encryption, caLocation can either
/// be a directory or a single file containing the certificates for certificate authorities.
/// isServerContext defines if the context belongs to a server or client.
/// verificationDepth sets the upper limit for verification chain sizes. If we encounter
/// a chain larger than that limit, verification will fail.
/// Cypherlist defines which protocols are allowed.
/// Creates the Context.
~Context();
/// Destroys the Context.
SSL_CTX* sslContext() const;
Context::VerificationMode verificationMode() const;
bool serverContext() const;
private:
SSL_CTX* _pSSLContext;
Context::VerificationMode _mode;
bool _server;
};
//
// inlines
//
inline SSL_CTX* Context::sslContext() const
{
return _pSSLContext;
}
inline Context::VerificationMode Context::verificationMode() const
{
return _mode;
}
inline bool Context::serverContext() const
{
return _server;
}
} } // namespace Poco::Net
#endif // NetSSL_Context_INCLUDED

View File

@@ -0,0 +1,129 @@
//
// HTTPSClientSession.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/HTTPSClientSession.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: HTTPSClient
// Module: HTTPSClientSession
//
// Definition of the HTTPSClientSession class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_HTTPSClientSession_INCLUDED
#define NetSSL_HTTPSClientSession_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/Utility.h"
#include "Poco/Net/HTTPClientSession.h"
namespace Poco {
namespace Net {
class SecureStreamSocket;
class HTTPRequest;
class HTTPResponse;
class NetSSL_API HTTPSClientSession: public HTTPClientSession
/// This class implements the client-side of
/// a HTTPS session.
///
/// To send a HTTPS request to a HTTPS server, first
/// instantiate a HTTPSClientSession object and
/// specify the server's host name and port number.
///
/// Then create a HTTPRequest object, fill it accordingly,
/// and pass it as argument to the sendRequst() method.
///
/// sendRequest() will return an output stream that can
/// be used to send the request body, if there is any.
///
/// After you are done sending the request body, create
/// a HTTPResponse object and pass it to receiveResponse().
///
/// This will return an input stream that can be used to
/// read the response body.
///
/// See RFC 2616 <http://www.faqs.org/rfcs/rfc2616.html> for more
/// information about the HTTP protocol.
{
public:
HTTPSClientSession();
/// Creates an unconnected HTTPSClientSession.
HTTPSClientSession(const SecureStreamSocket& socket);
/// Creates a HTTPSClientSession using the given socket.
/// The socket must not be connected. The session
/// takes ownership of the socket.
HTTPSClientSession(const std::string& host, Poco::UInt16 port = Utility::HTTPS_PORT);
/// Creates a HTTPSClientSession using the given host and port.
~HTTPSClientSession();
/// Destroys the HTTPSClientSession and closes
/// the underlying socket.
std::ostream& sendRequest(HTTPRequest& request);
/// Sends the header for the given HTTPS request to
/// the server.
///
/// The HTTPSClientSession will set the request's
/// Host and Keep-Alive headers accordingly.
///
/// The returned output stream can be used to write
/// the request body. The stream is valid until
/// receiveResponse() is called or the session
/// is destroyed.
std::istream& receiveResponse(HTTPResponse& response);
/// Receives the header for the response to the previous
/// HTTPS request.
///
/// The returned input stream can be used to read
/// the response body. The stream is valid until
/// sendRequest() is called or the session is
/// destroyed.
protected:
void connect(const SocketAddress& address);
// Connects the socket to the server.
std::string getHostInfo() const;
/// Returns the target host and port number for proxy requests.
};
} } // namespace Poco::Net
#endif // Net_HTTPSClientSession_INCLUDED

View File

@@ -0,0 +1,77 @@
//
// HTTPSSessionInstantiator.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/HTTPSSessionInstantiator.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: HTTPSClient
// Module: HTTPSSessionInstantiator
//
// Definition of the HTTPSSessionInstantiator class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef Net_HTTPSSessionInstantiator_INCLUDED
#define Net_HTTPSSessionInstantiator_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/Utility.h"
#include "Poco/Net/HTTPSessionInstantiator.h"
#include "Poco/URI.h"
namespace Poco {
namespace Net {
class NetSSL_API HTTPSSessionInstantiator: public HTTPSessionInstantiator
/// The HTTPSessionInstantiator for HTTPSClientSession.
{
public:
HTTPSSessionInstantiator();
/// Creates the HTTPSSessionInstantiator.
~HTTPSSessionInstantiator();
/// Destroys the HTTPSSessionInstantiator.
HTTPClientSession* createClientSession(const Poco::URI& uri);
/// Creates a HTTPSClientSession for the given URI.
static void registerInstantiator();
/// Registers the instantiator with the global HTTPSessionFactory.
static void unregisterInstantiator();
/// Unregisters the factory with the global HTTPSessionFactory.
};
} } // namespace Poco::Net
#endif // Net_HTTPSSessionInstantiator_INCLUDED

View File

@@ -0,0 +1,92 @@
//
// HTTPSStreamFactory.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/HTTPSStreamFactory.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: HTTPSClient
// Module: HTTPSStreamFactory
//
// Definition of the HTTPSStreamFactory class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_HTTPSStreamFactory_INCLUDED
#define NetSSL_HTTPSStreamFactory_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/HTTPSession.h"
#include "Poco/URIStreamFactory.h"
namespace Poco {
namespace Net {
class NetSSL_API HTTPSStreamFactory: public Poco::URIStreamFactory
/// An implementation of the URIStreamFactory interface
/// that handles Hyper-Text Transfer Protocol (http) URIs.
{
public:
HTTPSStreamFactory();
/// Creates the HTTPSStreamFactory.
HTTPSStreamFactory(const std::string& proxyHost, Poco::UInt16 proxyPort = HTTPSession::HTTP_PORT);
/// Creates the HTTPSStreamFactory.
///
/// HTTP connections will use the given proxy.
~HTTPSStreamFactory();
/// Destroys the HTTPSStreamFactory.
std::istream* open(const Poco::URI& uri);
/// Creates and opens a HTTPS stream for the given URI.
/// The URI must be a https://... URI.
///
/// Throws a NetException if anything goes wrong.
static void registerFactory();
/// Registers the HTTPSStreamFactory with the
/// default URIStreamOpener instance.
private:
enum
{
MAX_REDIRECTS = 10
};
std::string _proxyHost;
Poco::UInt16 _proxyPort;
};
} } // namespace Poco::Net
#endif // Net_HTTPSStreamFactory_INCLUDED

View File

@@ -0,0 +1,100 @@
//
// InvalidCertificateHandler.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/InvalidCertificateHandler.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: InvalidCertificateHandler
//
// Definition of the InvalidCertificateHandler class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_InvalidCertificateHandler_INCLUDED
#define NetSSL_InvalidCertificateHandler_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/VerificationErrorArgs.h"
namespace Poco {
namespace Net {
class NetSSL_API InvalidCertificateHandler
/// A InvalidCertificateHandler is invoked whenever an error occurs verifying the certificate. It allows the user
/// to inspect and accept/reject the certificate.
/// One can install one's own InvalidCertificateHandler by implementing this interface. Note that
/// in the cpp file of the subclass the following code must be present (assuming you use the namespace My_API
/// and the name of your handler class is MyGuiHandler):
///
/// #include "Poco/Net/CertificateHandlerFactory.h"
/// ...
/// POCO_REGISTER_CHFACTORY(My_API, MyGuiHandler)
///
/// One can either set the handler directly in the startup code of the main method of ones application by calling
///
/// SSLManager::instance().initialize(mypassphraseHandler, myguiHandler, mySSLContext)
///
/// or in case one uses Poco::Util::Application one can rely on an XML configuration and put the following entry
/// under the path openSSL.invalidCertificateHandler:
///
/// <invalidCertificateHandler>
/// <name>MyGuiHandler<name>
/// <options>
/// [...] // Put optional config params for the handler here
/// </options>
/// </invalidCertificateHandler>
/// Note that the name of the InvalidCertificateHandler must be same as the one provided to the POCO_REGISTER_CHFACTORY macro.
{
public:
InvalidCertificateHandler(bool handleErrorsOnServerSide);
/// Creates the InvalidCertificateHandler.
/// Set handleErrorsOnServerSide to true if the certificate handler is used on the server side.
/// Automatically registers at one of the SSLManager::VerificationError events.
virtual ~InvalidCertificateHandler();
/// Destroys the InvalidCertificateHandler.
virtual void onInvalidCertificate(const void* pSender, VerificationErrorArgs& errorCert) = 0;
/// Receives the questionable certificate in parameter errorCert. If one wants to accept the
/// certificate, call errorCert.setIgnoreError(true).
protected:
bool _handleErrorsOnServerSide;
/// Stores if the certificate handler gets invoked by the server (i.e. a client certificate is wrong)
/// or the client (a server certificate is wrong)
};
} } // namespace Poco::Net
#endif // NetSSL_InvalidCertificateHandler_INCLUDED

View File

@@ -0,0 +1,68 @@
//
// KeyConsoleHandler.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/KeyConsoleHandler.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: KeyConsoleHandler
//
// Definition of the KeyConsoleHandler class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_KeyConsoleHandler_INCLUDED
#define NetSSL_KeyConsoleHandler_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/PrivateKeyPassphraseHandler.h"
namespace Poco {
namespace Net {
class NetSSL_API KeyConsoleHandler: public PrivateKeyPassphraseHandler
/// Class KeyConsoleHandler. Reads the key for a certificate from the console.
{
public:
KeyConsoleHandler(bool server);
/// Creates the KeyConsoleHandler.
~KeyConsoleHandler();
/// Destroys the KeyConsoleHandler.
void onPrivateKeyRequested(const void* pSender, std::string& privateKey);
};
} } // namespace Poco::Net
#endif // NetSSL_KeyConsoleHandler_INCLUDED

View File

@@ -0,0 +1,72 @@
//
// KeyFileHandler.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/KeyFileHandler.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: KeyFileHandler
//
// Definition of the KeyFileHandler class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_KeyFileHandler_INCLUDED
#define NetSSL_KeyFileHandler_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/PrivateKeyPassphraseHandler.h"
namespace Poco {
namespace Net {
class NetSSL_API KeyFileHandler: public PrivateKeyPassphraseHandler
/// Class KeyFileHandler. Reads the key for a certificate from a configuration file
/// under the path "openSSL.privateKeyPassphraseHandler.options.password".
{
public:
KeyFileHandler(bool server);
/// Creates the KeyFileHandler.
virtual ~KeyFileHandler();
/// Destroys the KeyFileHandler.
void onPrivateKeyRequested(const void* pSender, std::string& privateKey);
private:
static const std::string CFG_PRIV_KEY_FILE;
};
} } // namespace Poco::Net
#endif // NetSSL_KeyFileHandler_INCLUDED

View File

@@ -0,0 +1,70 @@
//
// NetSSL.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/NetSSL.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: OpenSSL
//
// Basic definitions for the Poco OpenSSL library.
// This file must be the first file included by every other OpenSSL
// header file.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_NetSSL_INCLUDED
#define NetSSL_NetSSL_INCLUDED
#include "Poco/Net/Net.h"
//
// The following block is the standard way of creating macros which make exporting
// from a DLL simpler. All files within this DLL are compiled with the NetSSL_EXPORTS
// symbol defined on the command line. this symbol should not be defined on any project
// that uses this DLL. This way any other project whose source files include this file see
// NetSSL_API functions as being imported from a DLL, wheras this DLL sees symbols
// defined with this macro as being exported.
//
#if (defined(_WIN32) || defined(__CYGWIN__)) && defined(POCO_DLL)
#if defined(NetSSL_EXPORTS)
#define NetSSL_API __declspec(dllexport)
#else
#define NetSSL_API __declspec(dllimport)
#endif
#endif
#if !defined(NetSSL_API)
#define NetSSL_API
#endif
#endif // NetSSL_NetSSL_INCLUDED

View File

@@ -0,0 +1,104 @@
//
// PrivateKeyFactory.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/PrivateKeyFactory.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: PrivateKeyFactory
//
// Definition of the PrivateKeyFactory class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_PrivateKeyFactory_INCLUDED
#define NetSSL_PrivateKeyFactory_INCLUDED
#include "Poco/Net/NetSSL.h"
namespace Poco {
namespace Net {
class PrivateKeyPassphraseHandler;
class NetSSL_API PrivateKeyFactory
/// A PrivateKeyFactory is responsible for creating PrivateKeyPassphraseHandlers.
/// You don't need to access this class directly. Use the macro
/// POCO_REGISTER_KEYFACTORY(namespace, PrivateKeyPassphraseHandlerName)
/// instead (see the documentation of PrivateKeyPassphraseHandler for an example).
{
public:
PrivateKeyFactory();
/// Creates the PrivateKeyFactory.
virtual ~PrivateKeyFactory();
/// Destroys the PrivateKeyFactory.
virtual PrivateKeyPassphraseHandler* create(bool onServer) const = 0;
/// Creates a new PrivateKeyPassphraseHandler
};
class NetSSL_API PrivateKeyFactoryRegistrar
/// Registrar class which automatically registers PrivateKeyFactories at the PrivateKeyFactoryMgr.
/// You don't need to access this class directly. Use the macro
/// POCO_REGISTER_KEYFACTORY(namespace, PrivateKeyPassphraseHandlerName)
/// instead (see the documentation of PrivateKeyPassphraseHandler for an example).
{
public:
PrivateKeyFactoryRegistrar(const std::string& name, PrivateKeyFactory* pFactory);
/// Registers the PrivateKeyFactory with the given name at the factory manager.
virtual ~PrivateKeyFactoryRegistrar();
/// Destroys the PrivateKeyFactoryRegistrar.
};
#define POCO_REGISTER_KEYFACTORY(API, PKCLS) \
class API PKCLS##Factory: public Poco::Net::PrivateKeyFactory \
{ \
public: \
PKCLS##Factory(){} \
~PKCLS##Factory(){} \
Poco::Net::PrivateKeyPassphraseHandler* create(bool server) const \
{ \
return new PKCLS(server); \
} \
}; \
static Poco::Net::PrivateKeyFactoryRegistrar aRegistrar(std::string(#PKCLS), new PKCLS##Factory());
} } // namespace Poco::Net
#endif // NetSSL_PrivateKeyFactory_INCLUDED

View File

@@ -0,0 +1,86 @@
//
// PrivateKeyFactoryMgr.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/PrivateKeyFactoryMgr.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: PrivateKeyFactoryMgr
//
// Definition of the PrivateKeyFactoryMgr class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_PrivateKeyFactoryMgr_INCLUDED
#define NetSSL_PrivateKeyFactoryMgr_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/PrivateKeyFactory.h"
#include "Poco/SharedPtr.h"
#include <map>
namespace Poco {
namespace Net {
class NetSSL_API PrivateKeyFactoryMgr
/// A PrivateKeyFactoryMgr manages all existing PrivateKeyFactories.
{
public:
typedef std::map<std::string, Poco::SharedPtr<PrivateKeyFactory> > FactoriesMap;
PrivateKeyFactoryMgr();
/// Creates the PrivateKeyFactoryMgr.
~PrivateKeyFactoryMgr();
/// Destroys the PrivateKeyFactoryMgr.
void setFactory(const std::string& name, PrivateKeyFactory* pFactory);
/// Registers the factory. Class takes ownership of the pointer.
/// If a factory with the same name already exists, an exception is thrown.
bool hasFactory(const std::string& name) const;
/// Returns true if for the given name a factory is already registered
const PrivateKeyFactory* getFactory(const std::string& name) const;
/// Returns NULL if for the given name a factory does not exist, otherwise the factory is returned
void removeFactory(const std::string& name);
/// Removes the factory from the manager.
private:
FactoriesMap _factories;
};
} } // namespace Poco::Net
#endif // NetSSL_PrivateKeyFactoryMgr_INCLUDED

View File

@@ -0,0 +1,105 @@
//
// PrivateKeyPassphraseHandler.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/PrivateKeyPassphraseHandler.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: PrivateKeyPassphraseHandler
//
// Definition of the PrivateKeyPassphraseHandler class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_PrivateKeyPassphraseHandler_INCLUDED
#define NetSSL_PrivateKeyPassphraseHandler_INCLUDED
#include "Poco/Net/NetSSL.h"
namespace Poco {
namespace Net {
class NetSSL_API PrivateKeyPassphraseHandler
/// A passphrase handler is needed whenever the private key of a certificate is loaded and the certificate is protected
/// by a passphrase. The PrivateKeyPassphraseHandler's task is to provide that passphrase.
/// One can install one's own PrivateKeyPassphraseHandler by implementing this interface. Note that
/// in the cpp file of the subclass the following code must be present (assuming you use the namespace My_API
/// and the name of your handler class is MyGuiHandler):
///
/// #include "Poco/Net/PrivateKeyFactory.h"
/// ...
/// POCO_REGISTER_KEYFACTORY(My_API, MyGuiHandler)
///
/// One can either set the handler directly in the startup code of the main method of ones application by calling
///
/// SSLManager::instance().initialize(myguiHandler, myInvalidCertificateHandler, mySSLContext)
///
/// or in case one's application extends Poco::Util::Application one can use an XML configuration and put the following entry
/// under the path openSSL.privateKeyPassphraseHandler:
///
/// <privateKeyPassphraseHandler>
/// <name>MyGuiHandler</name>
/// <options>
/// [...] // Put optional config params for the handler here
/// </options>
/// </privateKeyPassphraseHandler>
/// Note that the name of the passphrase handler must be same as the one provided to the POCO_REGISTER_KEYFACTORY macro.
{
public:
PrivateKeyPassphraseHandler(bool onServerSide);
/// Creates the PrivateKeyPassphraseHandler. Automatically registers at the SSLManager::PrivateKeyPassword event.
virtual ~PrivateKeyPassphraseHandler();
/// Destroys the PrivateKeyPassphraseHandler.
virtual void onPrivateKeyRequested(const void* pSender, std::string& privateKey) = 0;
/// Returns the requested private key in the parameter privateKey.
bool serverSide() const;
private:
bool _serverSide;
};
//
// inlines
//
inline bool PrivateKeyPassphraseHandler::serverSide() const
{
return _serverSide;
}
} } // namespace Poco::Net
#endif // NetSSL_PrivateKeyPassphraseHandler_INCLUDED

View File

@@ -0,0 +1,59 @@
//
// SSLException.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/SSLException.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: SSLException
//
// Definition of the SSLException class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_SSLException_INCLUDED
#define NetSSL_SSLException_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/NetException.h"
namespace Poco {
namespace Net {
POCO_DECLARE_EXCEPTION(NetSSL_API, SSLException, NetException)
POCO_DECLARE_EXCEPTION(NetSSL_API, SSLContextException, SSLException)
POCO_DECLARE_EXCEPTION(NetSSL_API, InvalidCertificateException, SSLException)
} } // namespace Poco::Net
#endif // NetSSL_SSLException_INCLUDED

View File

@@ -0,0 +1,101 @@
//
// SSLInitializer.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/SSLInitializer.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: SSLInitializer
//
// Definition of the SSLInitializer class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_SSLInitializer_INCLUDED
#define NetSSL_SSLInitializer_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Mutex.h"
extern "C"
{
struct CRYPTO_dynlock_value
{
Poco::FastMutex _mutex;
};
}
namespace Poco {
namespace Net {
class NetSSL_API SSLInitializer
/// Initalizes the OpenSSL library.
///
/// The class ensures the earliest initialization and the
/// latest shutdown of the OpenSSL library.
{
public:
SSLInitializer();
/// Automatically initialize OpenSSL on startup.
~SSLInitializer();
/// Automatically shut down OpenSSL on exit.
static void initialize();
/// Initializes the OpenSSL machinery.
static void uninitialize();
/// Shuts down the OpenSSL machinery.
protected:
enum
{
SEEDSIZE = 256
};
// OpenSSL multithreading support
static void lock(int mode, int n, const char* file, int line);
static unsigned long id();
static struct CRYPTO_dynlock_value* dynlockCreate(const char* file, int line);
static void dynlock(int mode, struct CRYPTO_dynlock_value* lock, const char* file, int line);
static void dynlockDestroy(struct CRYPTO_dynlock_value* lock, const char* file, int line);
private:
static Poco::FastMutex* _mutexes;
static int _rc;
};
} } // namespace Poco::Net
#endif // NetSSL_SSLInitializer_INCLUDED

View File

@@ -0,0 +1,271 @@
//
// SSLManager.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/SSLManager.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: SSLManager
//
// Definition of the SSLManager class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_SSLManager_INCLUDED
#define NetSSL_SSLManager_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/VerificationErrorArgs.h"
#include "Poco/Net/Context.h"
#include "Poco/Net/PrivateKeyFactoryMgr.h"
#include "Poco/Net/CertificateHandlerFactoryMgr.h"
#include "Poco/Net/InvalidCertificateHandler.h"
#include "Poco/BasicEvent.h"
#include "Poco/SharedPtr.h"
#include <openssl/ssl.h>
namespace Poco {
namespace Net {
class Context;
class NetSSL_API SSLManager
/// Class SSLManager. Singleton for holding the default server/client Context and PrivateKeyPassphraseHandler.
/// Either initialize via Poco::Util::Application or via the
/// initialize methods of the singleton. Note that the latter initialization must happen very early
/// during program startup before somebody calls defaultClientContext()/defaultServerContext()
/// or any of the passPhraseHandler methods (which tries to auto-initialize
/// the context and passphrase handler based on an Poco::Util::Application configuration).
/// An exemplary documentation which sets either the server or client defaultcontext and creates a PrivateKeyPassphraseHandler
/// that reads the password from the XML file looks like this:
///
/// <AppConfig>
/// <openSSL>
/// <server|client>
/// <privateKeyFile>any.pem</privateKeyFile>
/// <caConfig>rootcert.pem</caConfig>
/// <verificationMode>relaxed</verificationMode>
/// <verificationDepth>9</verificationDepth>
/// <loadDefaultCAFile>true</loadDefaultCAFile>
/// <cypherList>ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH</cypherList>
/// <privateKeyPassphraseHandler>
/// <name>KeyFileHandler</name>
/// <options>
/// <password>test</password>
/// </options>
/// </privateKeyPassphraseHandler>
/// <invalidCertificateHandler>
/// <name>ConsoleCertificateHandler</name>
/// <options>
/// </options>
/// </invalidCertificateHandler>
/// </server|client>
/// </openSSL>
/// </AppConfig>
///
{
public:
typedef Poco::SharedPtr<Context> ContextPtr;
typedef Poco::SharedPtr<PrivateKeyPassphraseHandler> PrivateKeyPassphraseHandlerPtr;
typedef Poco::SharedPtr<InvalidCertificateHandler> InvalidCertificateHandlerPtr;
Poco::BasicEvent<VerificationErrorArgs> ServerVerificationError;
/// Thrown whenever a certificate error is detected by the server during a handshake
Poco::BasicEvent<VerificationErrorArgs> ClientVerificationError;
/// Thrown whenever a certificate error is detected by the client during a handshake
Poco::BasicEvent<std::string> PrivateKeyPassPhrase;
/// Thrown when a encrypted certificate is loaded. Not setting the passwd
/// in the event parameter will result in a failure to load the certificate.
/// Per default the SSLManager checks the configuration.xml file (path openSSL.privateKeyPassphraseHandler.name)
/// which default delegate it should register. If nothing is configured,
/// a KeyConsoleHandler is used.
static SSLManager& instance();
/// Returns the instance of the SSLManager singleton.
void initializeServer(PrivateKeyPassphraseHandlerPtr& ptrPassPhraseHandler, InvalidCertificateHandlerPtr& ptrHandler, ContextPtr ptrContext);
/// Initializes the server side of the SSLManager with a default passphrase handler, a default invalid certificate handler and a default context. If this method
/// is never called the SSLmanager will try to initialize its members from an application configuration.
/// Note: ALWAYS create the handlers before you create the context!
/// Valid initialization code would be:
/// SharedPtr<PrivateKeyPassphraseHandler> ptrConsole = new KeyConsoleHandler();
/// SharedPtr<InvalidCertificateHandler> ptrCert = new ConsoleCertificateHandler();
/// SharedPtr<Context> ptrContext = new Context("any.pem", "rootcert.pem", Context::Relaxed, 9, false, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
///
/// This method can only be called, if no defaultContext is set yet.
void initializeClient(PrivateKeyPassphraseHandlerPtr& ptrPassPhraseHandler, InvalidCertificateHandlerPtr& ptrHandler, ContextPtr ptrContext);
/// Initializes the client side of the SSLManager with a default passphrase handler, a default invalid certificate handler and a default context. If this method
/// is never called the SSLmanager will try to initialize its members from an application configuration.
/// Note: ALWAYS create the handlers before you create the context!
/// Valid initialization code would be:
/// SharedPtr<PrivateKeyPassphraseHandler> ptrConsole = new KeyConsoleHandler();
/// SharedPtr<InvalidCertificateHandler> ptrCert = new ConsoleCertificateHandler();
/// SharedPtr<Context> ptrContext = new Context("any.pem", "rootcert.pem", Context::Relaxed, 9, false, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
///
/// This method can only be called, if no defaultContext is set yet.
ContextPtr defaultServerContext();
/// Returns the default context used by the server. The first call to this method initializes the defaultContext
/// from an application configuration.
ContextPtr defaultClientContext();
/// Returns the default context used by the client. The first call to this method initializes the defaultContext
/// from an application configuration.
PrivateKeyPassphraseHandlerPtr serverPassPhraseHandler();
/// Returns the configured passphrase handler of the server. If none is set, the method will create a default one
/// from an application configuration
InvalidCertificateHandlerPtr serverCertificateHandler();
/// Returns an initialized certificate handler (used by the server to verify client cert) which determines how invalid certificates are treated.
/// If none is set, it will try to auto-initialize one from an application configuration.
PrivateKeyPassphraseHandlerPtr clientPassPhraseHandler();
/// Returns the configured passphrase handler of the client. If none is set, the method will create a default one
/// from an application configuration
InvalidCertificateHandlerPtr clientCertificateHandler();
/// Returns an initialized certificate handler (used by the client to verify server cert) which determines how invalid certificates are treated.
/// If none is set, it will try to auto-initialize one from an application configuration.
PrivateKeyFactoryMgr& privateKeyFactoryMgr();
/// Returns the private key factory manager which stores the
/// factories for the different registered passphrase handlers for private keys.
CertificateHandlerFactoryMgr& certificateHandlerFactoryMgr();
/// Returns the CertificateHandlerFactoryMgr which stores the
/// factories for the different registered certificate handlers.
static int verifyClientCallback(int ok, X509_STORE_CTX* pStore);
/// The return value of this method defines how errors in
/// verification are handled. Return 0 to terminate the handshake,
/// or 1 to continue despite the error.
static int verifyServerCallback(int ok, X509_STORE_CTX* pStore);
/// The return value of this method defines how errors in
/// verification are handled. Return 0 to terminate the handshake,
/// or 1 to continue despite the error.
static int privateKeyPasswdCallback(char* pBuf, int size, int flag, void* userData);
/// Method is invoked by OpenSSl to retrieve a passwd for an encrypted certificate.
/// The request is delegated to the PrivatekeyPassword event. This method returns the
/// length of the password.
static const std::string CFG_SERVER_PREFIX;
static const std::string CFG_CLIENT_PREFIX;
private:
SSLManager();
/// Creates the SSLManager.
~SSLManager();
/// Destroys the SSLManager.
void initDefaultContext(bool server);
/// Inits the default context, the first time it is accessed.
void initEvents(bool server);
/// Registers delegates at the events according to the configuration.
void initPassPhraseHandler(bool server);
/// Inits the passphrase handler.
void initCertificateHandler(bool server);
/// Inits the certificate handler.
static int verifyCallback(bool server, int ok, X509_STORE_CTX* pStore);
/// The return value of this method defines how errors in
/// verification are handled. Return 0 to terminate the handshake,
/// or 1 to continue despite the error.
PrivateKeyFactoryMgr _factoryMgr;
CertificateHandlerFactoryMgr _certHandlerFactoryMgr;
ContextPtr _ptrDefaultServerContext;
PrivateKeyPassphraseHandlerPtr _ptrServerPassPhraseHandler;
InvalidCertificateHandlerPtr _ptrServerCertificateHandler;
ContextPtr _ptrDefaultClientContext;
PrivateKeyPassphraseHandlerPtr _ptrClientPassPhraseHandler;
InvalidCertificateHandlerPtr _ptrClientCertificateHandler;
static const std::string CFG_PRIV_KEY_FILE;
static const std::string CFG_CA_LOCATION;
static const std::string CFG_VER_MODE;
static const Context::VerificationMode VAL_VER_MODE;
static const std::string CFG_VER_DEPTH;
static const int VAL_VER_DEPTH;
static const std::string CFG_ENABLE_DEFAULT_CA;
static const bool VAL_ENABLE_DEFAULT_CA;
static const std::string CFG_CYPHER_LIST;
static const std::string VAL_CYPHER_LIST;
static const std::string CFG_DELEGATE_HANDLER;
static const std::string VAL_DELEGATE_HANDLER;
static const std::string CFG_CERTIFICATE_HANDLER;
static const std::string VAL_CERTIFICATE_HANDLER;
friend class Poco::SingletonHolder<SSLManager>;
};
//
// inlines
//
inline PrivateKeyFactoryMgr& SSLManager::privateKeyFactoryMgr()
{
return _factoryMgr;
}
inline CertificateHandlerFactoryMgr& SSLManager::certificateHandlerFactoryMgr()
{
return _certHandlerFactoryMgr;
}
inline int SSLManager::verifyServerCallback(int ok, X509_STORE_CTX* pStore)
{
return SSLManager::verifyCallback(true, ok, pStore);
}
inline int SSLManager::verifyClientCallback(int ok, X509_STORE_CTX* pStore)
{
return SSLManager::verifyCallback(false, ok, pStore);
}
} } // namespace Poco::Net
#endif // NetSSL_SSLManager_INCLUDED

View File

@@ -0,0 +1,120 @@
//
// SecureServerSocket.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/SecureServerSocket.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLSockets
// Module: SecureServerSocket
//
// Definition of the SecureServerSocket class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_SecureServerSocket_INCLUDED
#define NetSSL_SecureServerSocket_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/ServerSocket.h"
namespace Poco {
namespace Net {
class NetSSL_API SecureServerSocket: public ServerSocket
/// A server socket for secure SSL connections.
{
public:
SecureServerSocket();
/// Creates a SSL server socket.
///
/// The server socket must be bound to
/// an address and put into listening state.
SecureServerSocket(const Socket& socket);
/// Creates the SecureServerSocket with the SocketImpl
/// from another socket. The SocketImpl must be
/// a ServerSocketImpl, otherwise an InvalidArgumentException
/// will be thrown.
SecureServerSocket(const SocketAddress& address, int backlog = 64);
/// Creates a server socket, binds it
/// to the given address and puts it in listening
/// state.
///
/// After successful construction, the server socket
/// is ready to accept connections.
SecureServerSocket(Poco::UInt16 port, int backlog = 64);
/// Creates a server socket, binds it
/// to the given port and puts it in listening
/// state.
///
/// After successful construction, the server socket
/// is ready to accept connections.
virtual ~SecureServerSocket();
/// Destroys the StreamSocket.
SecureServerSocket& operator = (const Socket& socket);
/// Assignment operator.
///
/// Releases the socket's SocketImpl and
/// attaches the SocketImpl from the other socket and
/// increments the reference count of the SocketImpl.
StreamSocket acceptConnection(SocketAddress& clientAddr);
/// Get the next completed connection from the
/// socket's completed connection queue.
///
/// If the queue is empty, waits until a connection
/// request completes.
///
/// Returns a new SSL TCP socket for the connection
/// with the client.
///
/// The client socket's address is returned in clientAddr.
StreamSocket acceptConnection();
/// Get the next completed connection from the
/// socket's completed connection queue.
///
/// If the queue is empty, waits until a connection
/// request completes.
///
/// Returns a new TCP socket for the connection
/// with the client.
};
} } // namespace Poco::Net
#endif // NetSSL_SecureServerSocket_INCLUDED

View File

@@ -0,0 +1,163 @@
//
// SecureServerSocketImpl.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/SecureServerSocketImpl.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLSockets
// Module: SecureServerSocketImpl
//
// Definition of the SecureServerSocketImpl class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_SecureServerSocketImpl_INCLUDED
#define NetSSL_SecureServerSocketImpl_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/SecureSocketImpl.h"
#include "Poco/Net/ServerSocketImpl.h"
namespace Poco {
namespace Net {
class NetSSL_API SecureServerSocketImpl: public ServerSocketImpl
/// The SocketImpl class for SecureServerSocket.
{
public:
SecureServerSocketImpl();
/// Creates the SecureServerSocketImpl.
SocketImpl* acceptConnection(SocketAddress& clientAddr);
/// Get the next completed connection from the
/// socket's completed connection queue.
///
/// If the queue is empty, waits until a connection
/// request completes.
///
/// Returns a new TCP socket for the connection
/// with the client.
///
/// The client socket's address is returned in clientAddr.
void connect(const SocketAddress& address);
/// Initializes the socket and establishes a connection to
/// the TCP server at the given address.
///
/// Can also be used for UDP sockets. In this case, no
/// connection is established. Instead, incoming and outgoing
/// packets are restricted to the specified address.
void connect(const SocketAddress& address, const Poco::Timespan& timeout);
/// Initializes the socket, sets the socket timeout and
/// establishes a connection to the TCP server at the given address.
void connectNB(const SocketAddress& address);
/// Initializes the socket and establishes a connection to
/// the TCP server at the given address. Prior to opening the
/// connection the socket is set to nonblocking mode.
void bind(const SocketAddress& address, bool reuseAddress = false);
/// Bind a local address to the socket.
///
/// This is usually only done when establishing a server
/// socket. TCP clients should not bind a socket to a
/// specific address.
///
/// If reuseAddress is true, sets the SO_REUSEADDR
/// socket option.
void listen(int backlog = 64);
/// Puts the socket into listening state.
///
/// The socket becomes a passive socket that
/// can accept incoming connection requests.
///
/// The backlog argument specifies the maximum
/// number of connections that can be queued
/// for this socket.
void close();
/// Close the socket.
int sendBytes(const void* buffer, int length, int flags = 0);
/// Sends the contents of the given buffer through
/// the socket. Any specified flags are ignored.
///
/// Returns the number of bytes sent, which may be
/// less than the number of bytes specified.
int receiveBytes(void* buffer, int length, int flags = 0);
/// Receives data from the socket and stores it
/// in buffer. Up to length bytes are received.
///
/// Returns the number of bytes received.
int sendTo(const void* buffer, int length, const SocketAddress& address, int flags = 0);
/// Sends the contents of the given buffer through
/// the socket to the given address.
///
/// Returns the number of bytes sent, which may be
/// less than the number of bytes specified.
int receiveFrom(void* buffer, int length, SocketAddress& address, int flags = 0);
/// Receives data from the socket and stores it
/// in buffer. Up to length bytes are received.
/// Stores the address of the sender in address.
///
/// Returns the number of bytes received.
void sendUrgent(unsigned char data);
/// Sends one byte of urgent data through
/// the socket.
///
/// The data is sent with the MSG_OOB flag.
///
/// The preferred way for a socket to receive urgent data
/// is by enabling the SO_OOBINLINE option.
protected:
~SecureServerSocketImpl();
/// Destroys the SecureServerSocketImpl.
private:
SecureServerSocketImpl(const SecureServerSocketImpl&);
SecureServerSocketImpl& operator = (const SecureServerSocketImpl&);
private:
SecureSocketImpl _socket;
};
} } // namespace Poco::Net
#endif // NetSSL_SecureServerSocketImpl_INCLUDED

View File

@@ -0,0 +1,237 @@
//
// SecureSocketImpl.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/SecureSocketImpl.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLSockets
// Module: SecureSocketImpl
//
// Definition of the SecureSocketImpl class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_SecureSocketImpl_INCLUDED
#define NetSSL_SecureSocketImpl_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/SocketImpl.h"
#include <openssl/bio.h>
#include <openssl/ssl.h>
namespace Poco {
namespace Net {
class HostEntry;
class NetSSL_API SecureSocketImpl
/// The SocketImpl for SecureStreamSocket.
{
public:
SecureSocketImpl();
/// Creates the SecureSocketImpl.
SecureSocketImpl(SSL* _pSSL);
/// Creates the SecureSocketImpl.
virtual ~SecureSocketImpl();
/// Destroys the SecureSocketImpl.
SocketImpl* acceptConnection(SocketAddress& clientAddr);
/// Get the next completed connection from the
/// socket's completed connection queue.
///
/// If the queue is empty, waits until a connection
/// request completes.
///
/// Returns a new TCP socket for the connection
/// with the client.
///
/// The client socket's address is returned in clientAddr.
void connect(const SocketAddress& address);
/// Initializes the socket and establishes a connection to
/// the TCP server at the given address.
///
/// Can also be used for UDP sockets. In this case, no
/// connection is established. Instead, incoming and outgoing
/// packets are restricted to the specified address.
void connect(const SocketAddress& address, const Poco::Timespan& timeout);
/// Initializes the socket, sets the socket timeout and
/// establishes a connection to the TCP server at the given address.
void connectNB(const SocketAddress& address);
/// Initializes the socket and establishes a connection to
/// the TCP server at the given address. Prior to opening the
/// connection the socket is set to nonblocking mode.
void bind(const SocketAddress& address, bool reuseAddress = false);
/// Bind a local address to the socket.
///
/// This is usually only done when establishing a server
/// socket. TCP clients should not bind a socket to a
/// specific address.
///
/// If reuseAddress is true, sets the SO_REUSEADDR
/// socket option.
void listen(int backlog = 64);
/// Puts the socket into listening state.
///
/// The socket becomes a passive socket that
/// can accept incoming connection requests.
///
/// The backlog argument specifies the maximum
/// number of connections that can be queued
/// for this socket.
void close();
/// Close the socket.
int sendBytes(const void* buffer, int length, int flags = 0);
/// Sends the contents of the given buffer through
/// the socket. Any specified flags are ignored.
///
/// Returns the number of bytes sent, which may be
/// less than the number of bytes specified.
int receiveBytes(void* buffer, int length, int flags = 0);
/// Receives data from the socket and stores it
/// in buffer. Up to length bytes are received.
///
/// Returns the number of bytes received.
int sendTo(const void* buffer, int length, const SocketAddress& address, int flags = 0);
/// Sends the contents of the given buffer through
/// the socket to the given address.
///
/// Returns the number of bytes sent, which may be
/// less than the number of bytes specified.
int receiveFrom(void* buffer, int length, SocketAddress& address, int flags = 0);
/// Receives data from the socket and stores it
/// in buffer. Up to length bytes are received.
/// Stores the address of the sender in address.
///
/// Returns the number of bytes received.
void sendUrgent(unsigned char data);
/// Sends one byte of urgent data through
/// the socket.
///
/// The data is sent with the MSG_OOB flag.
///
/// The preferred way for a socket to receive urgent data
/// is by enabling the SO_OOBINLINE option.
poco_socket_t sockfd();
// Returns the socket.
void setTunnelEndPoint(const std::string& endHost, Poco::UInt16 endPort);
/// Due to the fact that SSLConnections that run over proxies require
/// a different connect phase (ie send an unencrypted HTTP CONNECT before
/// establishing, we must inform the socket that is only used as a proxy
/// that works as a tunnel to the given endPoint.
/// Only call this method on disconnected sockets.
protected:
void setSockfd(poco_socket_t sock);
/// Set a socket description iff no socket is already set.
void invalidate();
/// Invalidate the current socket. Must only be called on closed sockets.
static long postConnectionCheck(bool onServer, SSL* pSSL, const std::string& host);
/// PostConnectionCheck to verify that a peer really presented a valid certificate.
/// if onserver is false, used by clients to verify that a server is really the one it claims.
/// if onserver is true, used by the server to verify that a client is really the one it claims.
void connectSSL(const SocketAddress& address);
/// Creates and connects an SSL connection. Set _pSSL on success or exception otherwise.
void establishTunnel();
/// Creates a socket to the proxy and sends CONNECT.
static bool containsWildcards(const std::string& commonName);
/// Checks if the commonName of a certificate contains wildcards
static bool matchByAlias(const std::string& alias, const HostEntry& heData);
/// Checks if the alias is contained in heData
private:
SecureSocketImpl(const SecureSocketImpl&);
SecureSocketImpl& operator = (const SecureSocketImpl&);
private:
BIO* _pBIO;
SSL* _pSSL;
SocketImpl _socket;
std::string _endHost;
Poco::UInt16 _endPort;
};
//
// inlines
//
inline poco_socket_t SecureSocketImpl::sockfd()
{
return _socket.sockfd();
}
inline void SecureSocketImpl::setSockfd(poco_socket_t sock)
{
_socket.setSockfd(sock);
}
inline void SecureSocketImpl::invalidate()
{
_socket.invalidate();
}
inline void SecureSocketImpl::setTunnelEndPoint(const std::string& endHost, Poco::UInt16 endPort)
{
poco_assert (endPort != 0 && !endHost.empty());
_endHost = endHost;
_endPort = endPort;
}
} } // namespace Poco::Net
#endif // NetSSL_SecureSocketImpl_INCLUDED

View File

@@ -0,0 +1,91 @@
//
// SecureStreamSocket.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/SecureStreamSocket.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLSockets
// Module: SecureStreamSocket
//
// Definition of the SecureStreamSocket class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_SecureStreamSocket_INCLUDED
#define NetSSL_SecureStreamSocket_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/StreamSocket.h"
namespace Poco {
namespace Net {
class NetSSL_API SecureStreamSocket: public StreamSocket
/// A subclass of StreamSocket for secure SSL sockets.
{
public:
SecureStreamSocket();
/// Creates an unconnected stream socket.
///
/// Before sending or receiving data, the socket
/// must be connected with a call to connect().
SecureStreamSocket(const SocketAddress& address);
/// Creates a stream socket and connects it to
/// the socket specified by address.
SecureStreamSocket(const Socket& socket);
/// Creates the StreamSocket with the SocketImpl
/// from another socket. The SocketImpl must be
/// a StreamSocketImpl, otherwise an InvalidArgumentException
/// will be thrown.
virtual ~SecureStreamSocket();
/// Destroys the StreamSocket.
SecureStreamSocket& operator = (const Socket& socket);
/// Assignment operator.
///
/// Releases the socket's SocketImpl and
/// attaches the SocketImpl from the other socket and
/// increments the reference count of the SocketImpl.
protected:
SecureStreamSocket(SocketImpl* pImpl);
friend class SecureServerSocket;
};
} } // namespace Poco::Net
#endif // NetSSL_SecureStreamSocket_INCLUDED

View File

@@ -0,0 +1,184 @@
//
// SecureStreamSocketImpl.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/SecureStreamSocketImpl.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLSockets
// Module: SecureStreamSocketImpl
//
// Definition of the SecureStreamSocketImpl class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_SecureStreamSocketImpl_INCLUDED
#define NetSSL_SecureStreamSocketImpl_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/SecureSocketImpl.h"
#include "Poco/Net/StreamSocketImpl.h"
namespace Poco {
namespace Net {
class NetSSL_API SecureStreamSocketImpl: public StreamSocketImpl
/// This class implements a SSL TCP socket.
{
public:
SecureStreamSocketImpl();
/// Creates the SecureStreamSocketImpl.
SecureStreamSocketImpl(SSL* _pSSL);
/// Creates a SecureStreamSocketImpl using the given native socket.
SocketImpl* acceptConnection(SocketAddress& clientAddr);
/// Get the next completed connection from the
/// socket's completed connection queue.
///
/// If the queue is empty, waits until a connection
/// request completes.
///
/// Returns a new TCP socket for the connection
/// with the client.
///
/// The client socket's address is returned in clientAddr.
void connect(const SocketAddress& address);
/// Initializes the socket and establishes a connection to
/// the TCP server at the given address.
///
/// Can also be used for UDP sockets. In this case, no
/// connection is established. Instead, incoming and outgoing
/// packets are restricted to the specified address.
void connect(const SocketAddress& address, const Poco::Timespan& timeout);
/// Initializes the socket, sets the socket timeout and
/// establishes a connection to the TCP server at the given address.
void connectNB(const SocketAddress& address);
/// Initializes the socket and establishes a connection to
/// the TCP server at the given address. Prior to opening the
/// connection the socket is set to nonblocking mode.
void bind(const SocketAddress& address, bool reuseAddress = false);
/// Bind a local address to the socket.
///
/// This is usually only done when establishing a server
/// socket. TCP clients should not bind a socket to a
/// specific address.
///
/// If reuseAddress is true, sets the SO_REUSEADDR
/// socket option.
void listen(int backlog = 64);
/// Puts the socket into listening state.
///
/// The socket becomes a passive socket that
/// can accept incoming connection requests.
///
/// The backlog argument specifies the maximum
/// number of connections that can be queued
/// for this socket.
void close();
/// Close the socket.
int sendBytes(const void* buffer, int length, int flags = 0);
/// Sends the contents of the given buffer through
/// the socket. Any specified flags are ignored.
///
/// Returns the number of bytes sent, which may be
/// less than the number of bytes specified.
int receiveBytes(void* buffer, int length, int flags = 0);
/// Receives data from the socket and stores it
/// in buffer. Up to length bytes are received.
///
/// Returns the number of bytes received.
int sendTo(const void* buffer, int length, const SocketAddress& address, int flags = 0);
/// Sends the contents of the given buffer through
/// the socket to the given address.
///
/// Returns the number of bytes sent, which may be
/// less than the number of bytes specified.
int receiveFrom(void* buffer, int length, SocketAddress& address, int flags = 0);
/// Receives data from the socket and stores it
/// in buffer. Up to length bytes are received.
/// Stores the address of the sender in address.
///
/// Returns the number of bytes received.
void sendUrgent(unsigned char data);
/// Sends one byte of urgent data through
/// the socket.
///
/// The data is sent with the MSG_OOB flag.
///
/// The preferred way for a socket to receive urgent data
/// is by enabling the SO_OOBINLINE option.
void setTunnelEndPoint(const std::string& host, Poco::UInt16 port);
/// Due to the fact that SSLConnections that run over proxies require
/// a different connect phase (ie send an unencrypted HTTP CONNECT before
/// establishing, we must inform the socket that it is only used as a proxy
/// that works as a tunnel to the given endPoint.
/// Only call this method on disconnected sockets.
protected:
~SecureStreamSocketImpl();
/// Destroys the SecureStreamSocketImpl.
private:
SecureStreamSocketImpl(const SecureStreamSocketImpl&);
SecureStreamSocketImpl& operator = (const SecureStreamSocketImpl&);
private:
SecureSocketImpl _socket;
friend class SecureSocketImpl;
};
//
// inlines
//
inline void SecureStreamSocketImpl::setTunnelEndPoint(const std::string& host, Poco::UInt16 port)
{
_socket.setTunnelEndPoint(host, port);
}
} } // namespace Poco::Net
#endif // NetSSL_SecureStreamSocketImpl_INCLUDED

View File

@@ -0,0 +1,72 @@
//
// Utility.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/Utility.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: Utility
//
// Definition of the Utility class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_Utility_INCLUDED
#define NetSSL_Utility_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/Context.h"
namespace Poco {
namespace Net {
class NetSSL_API Utility
/// Class Utility. helper class for init & shutdown of the OpenSSL library
{
public:
static int HTTPS_PORT;
/// Default port value for HHTPS
static Context::VerificationMode convertVerificationMode(const std::string& verMode);
/// Non-case sensitive conversion of a string to a VerificationMode enum.
/// If verMode is illegal an OptionException is thrown.
static std::string convertCertificateError(long errCode);
/// Converts an SSL error code into human readable form
static std::string convertSSLError(SSL* pSSL, int errCode);
};
} } // namespace Poco::Net
#endif // NetSSL_Utility_INCLUDED

View File

@@ -0,0 +1,130 @@
//
// VerificationErrorArgs.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/VerificationErrorArgs.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: VerificationErrorArgs
//
// Definition of the VerificationErrorArgs class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_VerificationErrorArgs_INCLUDED
#define NetSSL_VerificationErrorArgs_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/X509Certificate.h"
namespace Poco {
namespace Net {
class NetSSL_API VerificationErrorArgs
/// A utility class for certificate error handling.
{
public:
VerificationErrorArgs(const X509Certificate& cert, int errDepth, int errNum, const std::string& errMsg);
/// Creates the VerificationErrorArgs. _ignoreError is per default set to false.
~VerificationErrorArgs();
/// Destroys the VerificationErrorArgs.
const X509Certificate& certificate() const;
/// Returns the certificate that caused the error.
int errorDepth() const;
/// Returns the position of the certificate in the certificate chain.
int errorNumber() const;
/// Returns the id of the error
const std::string& errorMessage() const;
/// Returns the textual presentation of the errorNumber.
void setIgnoreError(bool ignoreError);
/// setIgnoreError to true, if a verification error is judged non-fatal by the user.
bool getIgnoreError() const;
/// returns the value of _ignoreError
private:
X509Certificate _cert;
int _errorDepth;
int _errorNumber;
std::string _errorMessage; /// Textual representation of the _errorNumber
bool _ignoreError;
};
//
// inlines
//
inline const X509Certificate& VerificationErrorArgs::certificate() const
{
return _cert;
}
inline int VerificationErrorArgs::errorDepth() const
{
return _errorDepth;
}
inline int VerificationErrorArgs::errorNumber() const
{
return _errorNumber;
}
inline const std::string& VerificationErrorArgs::errorMessage() const
{
return _errorMessage;
}
inline void VerificationErrorArgs::setIgnoreError(bool ignoreError)
{
_ignoreError = ignoreError;
}
inline bool VerificationErrorArgs::getIgnoreError() const
{
return _ignoreError;
}
} } // namespace Poco::Net
#endif // NetSSL_VerificationErrorArgs_INCLUDED

View File

@@ -0,0 +1,105 @@
//
// X509Certificate.h
//
// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/X509Certificate.h#1 $
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module: X509Certificate
//
// Definition of the X509Certificate class.
//
// Copyright (c) 2006, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// Permission is hereby granted, free of charge, to any person or organization
// obtaining a copy of the software and accompanying documentation covered by
// this license (the "Software") to use, reproduce, display, distribute,
// execute, and transmit the Software, and to prepare derivative works of the
// Software, and to permit third-parties to whom the Software is furnished to
// do so, all subject to the following:
//
// The copyright notices in the Software and this entire statement, including
// the above license grant, this restriction and the following disclaimer,
// must be included in all copies of the Software, in whole or in part, and
// all derivative works of the Software, unless such copies or derivative
// works are solely in the form of machine-executable object code generated by
// a source language processor.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
// SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
// FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
#ifndef NetSSL_X509Certificate_INCLUDED
#define NetSSL_X509Certificate_INCLUDED
#include "Poco/Net/NetSSL.h"
#include <openssl/ssl.h>
namespace Poco {
namespace Net {
class NetSSL_API X509Certificate
/// This class represents an X509 Certificate.
{
public:
X509Certificate(X509* pCert);
/// Creates the X509Certificate.
~X509Certificate();
/// Destroys the X509Certificate.
const std::string& issuerName() const;
/// Returns the certificate issuer name.
const std::string& subjectName() const;
/// Returns the certificate subject name.
const X509* certificate() const;
/// Returns the OpenSSL certificate.
private:
void initialize();
/// Extracts data from _pCert. Assumes _pCert != 0.
private:
std::string _issuerName;
std::string _subjectName;
X509* _pCert;
};
//
// inlines
//
inline const std::string& X509Certificate::issuerName() const
{
return _issuerName;
}
inline const std::string& X509Certificate::subjectName() const
{
return _subjectName;
}
inline const X509* X509Certificate::certificate() const
{
return _pCert;
}
} } // namespace Poco::Net
#endif // NetSSL_X509Certificate_INCLUDED